Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY LINKS NEWS MAN DOCUMENTATION

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Date: Tue, 28 Oct 2003 12:53:27 +0100 (MET)
From: Oliver Karow <[email protected]>
To: [email protected]
Subject: Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability
Cc: [email protected]

Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability
---------------------------------------------------------------

There is a Cross-Site-Scripting Vulnerability in Fastream
NetFile FTP/Webserver Version 6.0.3.588.

Requesting a non existing URL will give a "404 Not Found" answer,
containing the requested URL. It is not checked if the URL contains
script code.

Exploiting:
-----------
http://webserver/<;script>alert("bang")</script>

Vendor:
-------
http://www.fastream.com/NETFileServer

Credit:
-------
Oliver.Karow[AT]gmx.de
www.oliverkarow.de
28.10.2003


-- 
NEU FэR ALLE - GMX MediaCenter - fЭr Fotos, Musik, Dateien...
Fotoalbum, File Sharing, MMS, Multimedia-Gruъ, GMX FotoService

Jetzt kostenlos anmelden unter http://www.gmx.net

+++ GMX - die erste Adresse fЭr Mail, Message, More! +++

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Партнёры:

Хостинг: